SEC Releases New Guidance on Cybersecurity Disclosures and Controls

On Feb. 21, 2018, the SEC voted unanimously to approve a statement and interpretive guidance to assist the public in preparing disclosures about cybersecurity risks and incidents. The new guidance expands upon previous guidance provided in October of 2011.

Share with Email

sending now...

Thank you for sharing!

Your article was successfully shared with the contacts you provided.

On Feb. 21, 2018, the Securities and Exchange Commission (SEC) voted unanimously to approve a statement and interpretive guidance to assist the public in preparing disclosures about cybersecurity risks and incidents. The SEC’s February 2018 guidance expands upon previous guidance provided in October of 2011 by the SEC’s Division of Corporate Finance, which addressed the Division’s views regarding disclosure obligations relating to cyber risks and incidents.

Like poorly-behaved school children, new technologies and intellectual property (IP) are increasingly disrupting the M&A establishment. Cybersecurity has become the latest disruptive newcomer to the M&A party.

Technologies are often pitched as solutions, if not game-changing solutions. Indeed, many times they are, but no solution comes without the seeds of its own costs and challenges. For pragmatic and regulatory compliance reasons, it is increasingly important for boards, senior executives and general counsel to sufficiently understand technologies, not just their potential promise.

The social, economic, and political forces pushing for a comprehensive overhaul of the nation’s privacy regime are numerous, and many see 2019 as presenting the best opportunity yet for passage of federal data privacy legislation.

Like poorly-behaved school children, new technologies and intellectual property (IP) are increasingly disrupting the M&A establishment. Cybersecurity has become the latest disruptive newcomer to the M&A party.

Technologies are often pitched as solutions, if not game-changing solutions. Indeed, many times they are, but no solution comes without the seeds of its own costs and challenges. For pragmatic and regulatory compliance reasons, it is increasingly important for boards, senior executives and general counsel to sufficiently understand technologies, not just their potential promise.